[Note: This is Cc'd to debian-devel and debian-security because of the discussion regarding RMS' su diatribe; subscribers to these lists might find it interesting, scroll down past the Java stuff if you are, and feel free to ignore this message if you're not. Please don't flame me. I'm thin-skinned. <grin>]
On Thu, 1 Mar 2001, Seth Arnold wrote: > * Alexander Hvostov <[EMAIL PROTECTED]> [010301 22:35]: > > That's why you create classes under packages other than `java' or > > `javax'. The Java API proper is in the `java' and `javax' packages, and > > Sun is simply trying to keep Java consistent across implementations by > > using their IP powers to make not implementing these packages to spec > > illegal. > > > > It's called standards. It's why they exist. Sun just happens to have the > > IP power to enforce them. > > I'm not saying an attempt to have standards is bad; I'm saying that due > to how Sun wishes to maintain standards, I don't think a free Java API > implementation can succeed. It is why there isn't a standard Java > package in Debian. Why not? If a free Java implementation is done to spec, it is in compliance with Sun's relatively lenient IP-enforced requirements, which means that there _can_ be a default Java package in Debian. It's also why projects like kaffe, japhar, gcj, and so forth exist without getting sued. Besides considering that Sun is leveraging its IP, consider _why_ Sun is doing this, and _what_ they're leveraging their IP to do. You must look deeper, my son. :) I think they should mention that pre-release versions of Java implementations are allowed to implement subsets of the spec, though, since it would be pretty counterproductive to not release your implementation at all until you've completely implemented the spec... > > Considering Mozilla will stabilize and become fully usable soon enough, I > > don't think this drastic a change is really necessary. > > Good; then you can delete Navigator at that point and not worry about it > being non-free. :) > > > > > - figfonts > > > Hehe. Do you *need* figlet? :) > > Do I *need* reproductive organs? > > Nope. Care to donate yours to the needy? :) Those who don't have reproductive organs presumably underwent one or more traumatic experiences that resulted in their loss, which generally causes them not to want replacement reproductive organs. This is the probable reason for the lack of demand for such organs. > > > > - filters-nonfree (for when fortune doesn't cut the mustard :) > > > Hehe. Do you *need* to read something in Cockney English? :) > > Do I *need* two functioning eyes, rather than just one? > > Many organisms don't even *have* eyes. Two is just wasteful. Care to > donate yours to the needy? :) These, on the other hand... > > What `su' diatribe, exactly? > > info su; /Richard Okay, now that's just rich. I'm tempted to email RMS and tell him to stop trying to apply a technological solution to a sociological problem, as it's the same damned thing that smut filter software (Cyber Patrol et al) is designed to do, and it's no secret to any faithful Slashdot reader that doing so is futile and counterproductive. Of course, all of this is meaningless, since with PAM, `su' _can_ understand and honor the `wheel' group. Also, if RMS is so against authority and power, why is there a GNU `su' at all? In addition, where the rulers' (ie, sysadmins') power is not cemented, there is no security (e.g., because someone unauthorized has the root password). Where there is no security, there are 31337 H4X0RZ, who generally completely subvert the machine, rendering the entire point moot since now _nobody_ (except, of course, the aforementioned H4X0RZ) can use the machine. And anyway, what competent sysadmin is stupid enough to give a bunch of lusers the power to change the root password? Also, reading over this article, it seems as though everyone had sufficient access to modify the OS kernel. Obviously, in Unix, this is definitely not the case, nor is it altogether common anymore to have anywhere near as many users as I'm under the impression were on the Twenex system in the example. And of course one can always subvert the machine by disconnecting the BIOS battery (if necessary) and booting off a floppy... The bottom line is that the example given RMS is horribly out of date, and most of it no longer applies, as modern Unix systems with that quantity of users are run by some extremely cautious sysadmins, who are less than altogether eager to give out the root password (or the power to change it) to anyone other than God. Those who feel otherwise shouldn't have root in the first place, as they are not competent sysadmins by any stretch, especially on a system serving that many users. This was the era of trivial security where nobody ever really exploited buffer overflows or anything, and that simple intimidation (e.g., "Permission denied") was enough to prevent users from doing things they weren't supposed to. Those days are numbered, and ultra-secure systems that even the FBI is unlikely to crack[0] are now an everyday sight. > Cheers! :) Regards, Alex. [0] Without physical access, at least. P.S. For those of you too lazy (or unable) to look at the mentioned article by RMS, it is copied below for your convenience: Why GNU `su' does not support the `wheel' group =============================================== (This section is by Richard Stallman.) Sometimes a few of the users try to hold total power over all the rest. For example, in 1984, a few users at the MIT AI lab decided to seize power by changing the operator password on the Twenex system and keeping it secret from everyone else. (I was able to thwart this coup and give power back to the users by patching the kernel, but I wouldn't know how to do that in Unix.) However, occasionally the rulers do tell someone. Under the usual `su' mechanism, once someone learns the root password who sympathizes with the ordinary users, he or she can tell the rest. The "wheel group" feature would make this impossible, and thus cement the power of the rulers. I'm on the side of the masses, not that of the rulers. If you are used to supporting the bosses and sysadmins in whatever they do, you might find this idea strange at first.